Facebook failed to warn users they were at risk of data breach

News
By
published

Lawsuit says social network should have made security issues clearer.

(Image credit: Shutterstock.com)

Facebook has been accused of letting down its users after a significant data breach last year.

The social media giant did not provide users with enough warning that their Facebook accounts could be compromised and their data stolen due to security flaws in its sign-on system, a new lawsuit has said.

Facebook is being sued in the US following last year's attack, which left around 29 million user accounts open to hackers.

Facebook security risk

The accusation came as part of an ongoing court case lodged by a group of Facebook users following the September 2018 breach. Hackers were able to acccess millions of Facebook accounts after stealing "access tokens" used to log in users connecting via third-party apps and services.

Users would sign in to the site via these services using their Facebook login details, meaning that gaining control of the access tokens would give attackers entry to full accounts.

“Facebook knew about the access token vulnerability and failed to fix it for years, despite that knowledge,” the court filing at the U.S. District Court for the Northern District of California in San Francisco read.

“Even more egregiously, Facebook took steps to protect its own employees from the security risk, but not the vast majority of its users.”

Of those affected in the attack, around 14 million saw profile details such as birth dates, employers, education history, religious preference, types of devices used, pages followed and recent searches and location check-ins stolen.

Names and contact details were exposed for the other 15 million users, with around 400,000 others having their posts and lists of friends and groups open.

Facebook has yet to respond to the filing, but faces yet more questioning over its security protection systems.

The company Facebook was fined a record $5bn by the US Federal Trade Commission (FTC) last month to settle privacy concerns over the Cambridge Analytica data-stealing scandal.

  • The best VPN service of 2019

Via Reuters

Mike Moore
Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

Latest in Security
A close-up of a phone screen showing the Telegram, Signal and WhatsApp apps
Agentic AI has “profound” issues with security and privacy, Signal President says
How to prevent cyberattacks
NTT admits hackers accessed details of almost 18,000 corporate customers in cyberattack
Woman shocked by online scam, holding her credit card outside
Cybercriminals used vendor backdoor to steal almost $600,000 of Taylor Swift tickets
Woman using iMessage on iPhone
UK government guidelines remove encryption advice following Apple backdoor spat
Cryptocurrencies
Ransomware’s favorite Russian crypto exchange seized by law enforcement
Wordpress brand logo on computer screen. Man typing on the keyboard.
Thousands of WordPress sites targeted with malicious plugin backdoor attacks
Latest in News
Q Acoustics Q SUB80, QSUB100 and QSUB120 subwoofers
Q Acoustics wants to bring the bass to your post-Oscars movie catch-up
Hospital
Major Oracle outage hits US Federal health record systems
iPad Pro 13-inch 2024 on a table
The OLED iPad Pro is reportedly less popular than expected – and that could mean these changes to Apple's OLED iPad plans
Sam Porter cradles a baby
Death Stranding 2: On the Beach trailer confirms June release date and an even more harrowing post-apocalyptic world
The Ray-Ban Meta Coperni smart glasses
The new Ray-Ban Meta smart glasses design is an expensive disappointment
AOC Agon Pro AG276FK gaming monitor tilted slightly to the side, showing the Windows desktop screen
Windows 11 users get ready for more ‘recommendations’ from Microsoft – but I’m relieved to say these suggestions might actually be useful
More about security
How to prevent cyberattacks

NTT admits hackers accessed details of almost 18,000 corporate customers in cyberattack
A close-up of a phone screen showing the Telegram, Signal and WhatsApp apps

Agentic AI has “profound” issues with security and privacy, Signal President says
iPad Pro 13-inch 2024 on a table

The OLED iPad Pro is reportedly less popular than expected – and that could mean these changes to Apple's OLED iPad plans
See more latest
Most Popular
iPad Pro 13-inch 2024 on a table
The OLED iPad Pro is reportedly less popular than expected – and that could mean these changes to Apple's OLED iPad plans
Chrome icon on Android
The US government still wants Google to sell off Chrome
Q Acoustics Q SUB80, QSUB100 and QSUB120 subwoofers
Q Acoustics wants to bring the bass to your post-Oscars movie catch-up
The Ray-Ban Meta Coperni smart glasses
The new Ray-Ban Meta smart glasses design is an expensive disappointment
Hospital
Major Oracle outage hits US Federal health record systems
A mock up of an Apple HomePod hub based on the Amazon Echo Show 10 sitting on a kitchen table
Advantage, Alexa – Apple's smart home hub reportedly 'postponed' due to Siri slowdown
Sam Porter cradles a baby
Death Stranding 2: On the Beach trailer confirms June release date and an even more harrowing post-apocalyptic world
The black Xbox Series S 1TB on a colorful desk mat alongside a matching controller.
The next Xbox could simply be a PC in a 'TV-friendly shell' per latest rumor
Google Chromecast 2
Chromecast users are getting increasingly angry about a weird 'untrusted device' bug that blocks casting – but a fix is coming
How to prevent cyberattacks
NTT admits hackers accessed details of almost 18,000 corporate customers in cyberattack